Book Image

Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900

By : Dwayne Natwick
Book Image

Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900

By: Dwayne Natwick

Overview of this book

Cloud technologies have made building a defense-in-depth security strategy of paramount importance. Without proper planning and discipline in deploying the security posture across Microsoft 365 and Azure, you are compromising your infrastructure and data. Microsoft Security, Compliance, and Identity Fundamentals is a comprehensive guide that covers all of the exam objectives for the SC-900 exam while walking you through the core security services available for Microsoft 365 and Azure. This book starts by simplifying the concepts of security, compliance, and identity before helping you get to grips with Azure Active Directory, covering the capabilities of Microsoft’s identity and access management (IAM) solutions. You'll then advance to compliance center, information protection, and governance in Microsoft 365. You'll find out all you need to know about the services available within Azure and Microsoft 365 for building a defense-in-depth security posture, and finally become familiar with Microsoft's compliance monitoring capabilities. By the end of the book, you'll have gained the knowledge you need to take the SC-900 certification exam and implement solutions in real-life scenarios.

Related Content you might be interested in

Current Title:

Small book image
Microsoft Security, Compliance, and Identity Fundamentals Exam Ref SC-900
Dwayne Natwick
May, 2022 | 404 pages
Small book image
Microsoft 365 Security, Compliance, and Identity Administration
Peter Rising
Aug, 2023 | 630 pages
Small book image
Microsoft Information Protection Administrator SC-400 Certification Guide
Shabaz Darr | Viktor Hedberg
Feb, 2022 | 326 pages
Small book image
Azure Security Cookbook
Steve Miles
Mar, 2023 | 372 pages
Table of Contents (24 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Share Your Thoughts
1
Section 1: Exam Overview
Section 1: Exam Overview
Free Chapter
2
Chapter 1: Preparing for Your Microsoft Exam
Chapter 1: Preparing for Your Microsoft Exam
Technical requirements
Preparing for the Microsoft exam
Resources available and accessing Microsoft Learn
Creating a Microsoft 365 trial subscription
Exam objectives
Who should take the SC-900 exam?
Summary
3
Section 2: The Key Concepts of Security, Compliance, and Identity
Section 2: The Key Concepts of Security, Compliance, and Identity
4
Chapter 2: Describing Security Methodologies
Chapter 2: Describing Security Methodologies
Describing and using a defense-in-depth security strategy
Understanding a shared responsibility in cloud security
Using and implementing the principles of the zero-trust methodology
Summary
5
Chapter 3: Understanding Key Security Concepts
Chapter 3: Understanding Key Security Concepts
Describing common threats
Describing encryption
Summary
6
Chapter 4: Key Microsoft Security and Compliance Principles
Chapter 4: Key Microsoft Security and Compliance Principles
Microsoft's privacy principles
Service Trust Portal offerings
Summary
7
Section 3: The Microsoft Identity Management Solutions
Section 3: The Microsoft Identity Management Solutions
8
Chapter 5: Defining Identity Principles/Concepts and the Identity Services within Azure AD
Chapter 5: Defining Identity Principles/Concepts and the Identity Services within Azure AD
Defining identity as the security perimeter
Defining authentication and authorization
Describing identity providers, Azure Active Directory, and federated services
Defining common identity attacks
Summary
9
Chapter 6: Describing the Authentication and Access Management Capabilities of Azure AD
Chapter 6: Describing the Authentication and Access Management Capabilities of Azure AD
Technical requirements
Describing Azure AD
Describing the types of identities in Azure AD
Describing how hybrid identity works within Azure AD
Describing how external users and groups are used in Azure AD
Describing the different ways to protect identity in Azure AD
Planning and implementing security defaults
Summary
10
Chapter 7: Describing the Identity Protection and Governance Capabilities of Azure AD
Chapter 7: Describing the Identity Protection and Governance Capabilities of Azure AD
Technical requirements
Describing Identity Governance
Describing entitlement and access reviews
Describing the capabilities of PIM
Describing Azure AD Identity Protection and Conditional Access policies
Summary
11
Section 4: The Microsoft Security Solutions for Microsoft 365 and Azure
Section 4: The Microsoft Security Solutions for Microsoft 365 and Azure
12
Chapter 8: Describing Basic Security Services and Management Capabilities in Azure
Chapter 8: Describing Basic Security Services and Management Capabilities in Azure
Technical requirements
Network segmentation
Describe Azure Network Security Groups
Describe Azure DDoS protection
Describe Azure Firewall and Web Application Firewall
Describe secure remote management of virtual machines
Describe Azure data encryption
Summary
13
Chapter 9: Describing Security Management and Capabilities of Azure
Chapter 9: Describing Security Management and Capabilities of Azure
Technical requirements
Describing Cloud Security Posture Management (CSPM)
Describing the enhanced security features for Microsoft Defender for Cloud
Describing security baselines for Azure
Summary
14
Chapter 10: Describing Threat Protection with Microsoft 365 Defender
Chapter 10: Describing Threat Protection with Microsoft 365 Defender
Technical requirements
Describing the XDR and Microsoft 365 Defender services
Describing Microsoft Defender for Office 365
Describing Microsoft Defender for Cloud Apps
Describing Microsoft Defender for Identity
Describing Microsoft Defender for Endpoint
Summary
15
Chapter 11: Describing the Security Capabilities of Microsoft Sentinel
Chapter 11: Describing the Security Capabilities of Microsoft Sentinel
Technical requirements
Define the concepts of SIEM, SOAR, and XDR
Describe how Microsoft Sentinel provides integrated threat management
Describe Microsoft Sentinel in a modern SOC
Summary
16
Chapter 12: Describing Security Management and the Endpoint Security Capabilities of Microsoft 365
Chapter 12: Describing Security Management and the Endpoint Security Capabilities of Microsoft 365
Technical requirements
Describe the Microsoft 365 Defender portal
Describe the use of Microsoft Secure Score
Describe the security reports and dashboards
Describe incidents and incident management capabilities
Describe endpoint security with Microsoft Intune
Summary
17
Section 5: The Microsoft Compliance Monitoring Capabilities within Microsoft 365 and Azure
Section 5: The Microsoft Compliance Monitoring Capabilities within Microsoft 365 and Azure
18
Chapter 13: Compliance Management Capabilities in Microsoft
Chapter 13: Compliance Management Capabilities in Microsoft
Technical requirements
Describe the compliance center
Describing Compliance Manager
Describe the use and benefits of the compliance score
Summary
19
Chapter 14: Describing Information Protection and Governance Capabilities of Microsoft 365
Chapter 14: Describing Information Protection and Governance Capabilities of Microsoft 365
Technical requirements
Describe data classification capabilities
Describe sensitivity labels
Describe data loss prevention
Describe records management
Describe retention policies and retention labels
Summary
20
Chapter 15: Describing Insider Risk, eDiscovery, and Audit Capabilities in Microsoft 365
Chapter 15: Describing Insider Risk, eDiscovery, and Audit Capabilities in Microsoft 365
Technical requirements
The insider risk management solution
Information barriers and Customer Lockbox
The Core eDiscovery workflow
The core audit capabilities of Microsoft 365
Summary
21
Chapter 16: Describing Resource Governance Capabilities in Azure
Chapter 16: Describing Resource Governance Capabilities in Azure
Technical requirements
Azure Policy and its use cases
Azure Blueprints
Azure Purview
Summary
22
Chapter 17: Final Assessment/ Mock Exam
Chapter 17: Final Assessment/ Mock Exam
Questions
Answers
Summary
Why subscribe?
23
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Define the concepts of SIEM, SOAR, and XDR

Let's start by explaining Microsoft Sentinel and what Security Information Event Management (SIEM) and Security Orchestration Automated Response (SOAR) solutions are.

SIEM is a solution within a security operations center that gathers logs and events from various appliances and software within an information technology infrastructure. These SIEM solutions then review the logs and events for potential threats by searching for behavior that is not typical of best practices or may be seen as anomalous or atypical. The benefit of having and utilizing SIEM is that without it, security operations personnel would need to review each of these log and event files manually. Since there are thousands of log and event files within companies, this option has the potential for mistakes, as fatigue becomes an issue when scrolling through these files. SIEM picks out the logs and events that could be a threat, and security personnel can then investigate...

Previous Section
End of Section 3
Next Section